www.scmagazine.com Open in urlscan Pro
52.23.126.90  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.scmagazine.com/home/security-news/ransomware HTTP 301
   https://www.scmagazine.com/home/security-news/ransomware/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

• https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1369105046&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAAADQ~&jid=410170382&gjid=1092042837&cid=618309591.1569871830&tid=UA-1290429-10&_gid=1041315496.1569871830&_r=1&gtm=2wg9i1W475TQW&cd1=&cd2=&cd3=&cd4=&cd5=section&cd6=&cd7=home&cd8=security%20news&cd9=ransomware&cd11=omn&cd12=76&cd14=false&cd15=&cd16=false&cd17=&cd18=0&cd19=&cd31=&cd32=&cd33=&cd34=&cd35=&cd36=&cd37=undefined&cd38=undefined&cd39=undefined&cd40=&cd41=&cd42=&cd43=&cd46=&cd48=&cd50=&cd55=&cd56=11&cd57=&cd58=&cd61=false&cd62=&cd63=0&cd67=undef&cd70=false&cd77=GA1.2.618309591.1569871830&z=89721988 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_gid=1041315496.1569871830&gjid=1092042837&_v=j79&z=89721988 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_v=j79&z=89721988 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_v=j79&z=89721988&slf_rd=1&random=2218598907

Request Chain 69

• https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_T52g7RVAtAXpF_7jOzgKWfCQI-xr0TcGIiolnI8euqG4PD1F6tlq69vACwvXMmwFwQukEcmwK78EjvAxS0Pxk-x--hJMzbFtV-6bd49NvzV-BkDRXHZ4ph0k1hQe2e_NVvLzzrWiakxn4puTKKJICF8ToWoLML15GZzNQofppn9YMWOECal3dviaFz1CwPU8J90CJTktXJeC3BjEvkBv-_4TyujEwMFoZxb3a1lS6KZ9Nu753HbCxTi-UsBpBsjKL6qwO73R1LBg___yZWr8zBYVKDIkn7esFo13eVMNnYT3fBrafT7ZpycWPqZjV-6pfNVRdZyNZTPXObpCDKt3zPgATCxL&sai=AMfl-YTrDZly5D1BBgdK0j7JI8XmcyKE6HpzmLOZCVxjsa0dGF4x8vc6IYdtnWQa4Gl6JPFdynMpe0rwv2oqcwLlRG0mnb8hirsu2-cIydNQ&sig=Cg0ArKJSzCo4bwhvKheOEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDHl9LPrgEQARgBMgg9rqP-Of8uDA HTTP 302
• https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDHl9LPrgEQARgBMgg9rqP-Of8uDA

Request Chain 73

• https://tags.bluekai.com/site/20486?limit=0&id=5978151503191974184&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151503191974184%26eid=50056 HTTP 302
• https://ml314.com/csync.ashx?fp=5nMIvy9999exO8J5&person_id=5978151503191974184&eid=50056

Request Chain 74

• https://idsync.rlcdn.com/395886.gif?partner_uid=5978151503191974184 HTTP 307
• https://ml314.com/csync.ashx?fp=&person_id=5978151503191974184&eid=50082

Request Chain 75

• https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151503191974184%26eid=50220 HTTP 302
• https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151503191974184%26eid=50220&mm_bnc&mm_bct&UUID=66ad5d92-51be-4e00-891f-3488e5f994fa HTTP 302
• https://ml314.com/csync.ashx?fp=66ad5d92-51be-4e00-891f-3488e5f994fa&person_id=5978151503191974184&eid=50220

Request Chain 76

• https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151503191974184 HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151503191974184 HTTP 302
• https://ml314.com/csync.ashx?fp=764a5be201e42fc2b1af8cbd08da0963&eid=50146&person_id=5978151503191974184

Request Chain 77

• https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
• https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Mse_tn_ioN1wqIZ63JGkVZwyUSFp9d-b7Lu4OF8Go0g&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
• https://ml314.com/csync.ashx?fp=2Mse_tn_ioN1wqIZ63JGkVZwyUSFp9d-b7Lu4OF8Go0g&person_id=5978151503191974184&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
• https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

Request Chain 142

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5d9257d60beb22000105444b&gdpr=0 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5d9257d60beb22000105444b&gdpr=0 HTTP 302
• https://polo-v1.feathr.co/v1/analytics/match?f_id=5d9257d60beb22000105444b&ttd_id=01458514-00ba-42e8-9a01-305ef06afc23

Request Chain 144

• https://api-54-203-139-43.b2c.com/api/x?6TENPK9EGH0oT1Ww$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTU4NXgxMjAwIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQxJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMSQxIiwiYXBwQ29kZU5hbWUkMSRNb3ppbGxhIiwiYXBwTmFtZSQxJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQyJHRydWUiLCJkb05vdFRyYWNrJDIkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQyJDE2IiwibGFuZ3VhZ2UkMiRlbi1VUyIsInBsYXRmb3JtJDIkTGludXggeDg2XzY0IiwicHJvZHVjdCQyJEdlY2tvIiwicHJvZHVjdFN1YiQyJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQyJDEiLCJ1c2VyQWdlbnQkMiRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDIkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMiQiLCJmb250cmVuZGVyJDgkMSIsIndlYmdsJDEwJG4vYSIsIndlYmdsMiQxMCQwIiwidGltZSQxMCQxNTY5ODcxODMwNDkzIiwidGltZXpvbmUkMTAkLTEyMCIsInBsdWdpbnMkMTAkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkMTAkMTcuMTU4MDMiLCJtZW0tdXNlZEpTSGVhcFNpemUkMTAkMTUuMDAwMjQ2IiwibWVtLWpzSGVhcFNpemVMaW1pdCQxMCQ0MzQ1LjI5ODk0NCIsInRpbWUtcmVkaXJlY3RFbmQkMTEkMjg5IiwidGltZS1mZXRjaFN0YXJ0JDExJDI4OSIsInRpbWUtZG9tYWluTG9va3VwU3RhcnQkMTEkMjg5IiwidGltZS1kb21haW5Mb29rdXBFbmQkMTEkMjg5IiwidGltZS1jb25uZWN0U3RhcnQkMTEkMjg5IiwidGltZS1jb25uZWN0RW5kJDExJDI4OSIsInRpbWUtcmVxdWVzdFN0YXJ0JDExJDI4OSIsInRpbWUtcmVzcG9uc2VTdGFydCQxMSQ0ODAiLCJ0aW1lLXJlc3BvbnNlRW5kJDExJDQ4MSIsInRpbWUtZG9tTG9hZGluZyQxMSQ0ODIiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDExJDc0NCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQxMSQxIiwibmF2aWdhdGlvbi10eXBlJDExJG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDE2JDAuODciLCJnbG9iYWxzJDE2JDFiZjlhOWZiIiwiZG9jdW1lbnQtdGltZSQyMSQxLjIxNSIsImRvY3VtZW50JDIxJDhiYjcxYWQyIiwiY29ubmVjdGlvbiQyMiQiLCJkb3dubGlua01heCQyMiQiLCJnZXRVc2VyTWVkaWEkMjIkMiIsImNsb2NrJDI3JDI0NTIiLCJiYXR0ZXJ5JDM0JDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDM2JGRjNjZhNjI4IiwiaW50ZXJzZWN0aW9uLXNpemUkMzYkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uJDM2JDMzIiwic29ydCQ2MyQxMy44MDUiLCJmcmFtZXJhdGUkMTMxJDgw HTTP 302
• https://api-54-203-139-43.b2c.com:444/api/4?6TENPK9EGH0oT1Ww

Request Chain 146

• https://px.ads.linkedin.com/collect/?time=1569871830902&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1569871830902%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%252Fransomware%252F%26fmt%3Djs%26s%3D1%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect/?time=1569871830902&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&liSync=true

Request Chain 173

• https://api-34-222-125-127.b2c.com/api/x?CUWwYTWthjDJE0Eo$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMSQxIiwiaGlkZGVuJDEkMCIsInZpc2liaWxpdHlTdGF0ZSQxJHZpc2libGUiLCJoYXNGb2N1cyQxJDAiLCJ3aW5kb3ckMSQ3Mjh4OTAiLCJpbm5lciQxJDcyOHg5MCIsIm91dGVyJDEkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDEkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQyJDEiLCJhcHBDb2RlTmFtZSQyJE1vemlsbGEiLCJhcHBOYW1lJDIkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDIkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDMkdHJ1ZSIsImRvTm90VHJhY2skMyQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDMkMTYiLCJsYW5ndWFnZSQzJGVuLVVTIiwicGxhdGZvcm0kMyRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDMkR2Vja28iLCJwcm9kdWN0U3ViJDMkMjAwMzAxMDciLCJzZW5kQmVhY29uJDMkMSIsInVzZXJBZ2VudCQzJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMyRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQzJCIsImZvbnRyZW5kZXIkNCQxIiwid2ViZ2wkNyRuL2EiLCJ3ZWJnbDIkNyQwIiwidGltZSQ3JDE1Njk4NzE4MzEyODYiLCJ0aW1lem9uZSQ3JC0xMjAiLCJwbHVnaW5zJDckTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkOCQzMC41NDI0NzkiLCJtZW0tdXNlZEpTSGVhcFNpemUkOCQyNC43MTU3MDMiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDgkNDM0NS4yOTg5NDQiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkOCQwIiwibmF2aWdhdGlvbi10eXBlJDgkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMTckMS41MSIsImdsb2JhbHMkMTgkMWJmOWE5ZmIiLCJkb2N1bWVudC10aW1lJDI0JDEuMzc1IiwiZG9jdW1lbnQkMjUkOGJiNzFhZDIiLCJjb25uZWN0aW9uJDI1JCIsImRvd25saW5rTWF4JDI1JCIsImdldFVzZXJNZWRpYSQyNSQyIiwiY2xvY2skMzAkMjUyOSIsImJhdHRlcnkkMzQkMSAxIDAgSW5maW5pdHkiLCJpbnRlcnNlY3Rpb24tc2l6ZSQ1MSQxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkNTEkMC41eDAgNzI4eDAiLCJpbnRlcnNlY3Rpb24kNTEkMTAwIiwiYXVkaW9jb250ZXh0JDUxJGRjNjZhNjI4Iiwic29ydCQ2NyQxMS4xNDUiLCJmcmFtZXJhdGUkMTMwJDgw HTTP 302
• https://api-34-222-125-127.b2c.com:444/api/4?CUWwYTWthjDJE0Eo

Request Chain 176

• https://api-54-188-115-89.b2c.com/api/x?7ALfb5o8MT7YCHHJ$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQ3Mjh4OTAiLCJpbm5lciQwJDcyOHg5MCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQwJDEiLCJhcHBDb2RlTmFtZSQwJE1vemlsbGEiLCJhcHBOYW1lJDAkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDAkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDAkdHJ1ZSIsImRvTm90VHJhY2skMCQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDAkMTYiLCJsYW5ndWFnZSQwJGVuLVVTIiwicGxhdGZvcm0kMCRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDAkR2Vja28iLCJwcm9kdWN0U3ViJDAkMjAwMzAxMDciLCJzZW5kQmVhY29uJDAkMSIsInVzZXJBZ2VudCQwJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMCRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQwJCIsImZvbnRyZW5kZXIkMSQxIiwid2ViZ2wkMiRuL2EiLCJ3ZWJnbDIkMiQwIiwidGltZSQyJDE1Njk4NzE4MzE1MDAiLCJ0aW1lem9uZSQyJC0xMjAiLCJwbHVnaW5zJDIkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkMiQzNi4xODgwODIiLCJtZW0tdXNlZEpTSGVhcFNpemUkMiQzMC4wNTc3MyIsIm1lbS1qc0hlYXBTaXplTGltaXQkMiQ0MzQ1LjI5ODk0NCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQyJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ0JDAuNDA1IiwiZ2xvYmFscyQ1JDFiZjlhOWZiIiwiZG9jdW1lbnQtdGltZSQ3JDAuNTg1IiwiZG9jdW1lbnQkNyQ4YmI3MWFkMiIsImNvbm5lY3Rpb24kOCQiLCJkb3dubGlua01heCQ4JCIsImdldFVzZXJNZWRpYSQ4JDIiLCJjbG9jayQxMSQ0Njg5IiwiYmF0dGVyeSQyNiQxIDEgMCBJbmZpbml0eSIsImludGVyc2VjdGlvbi1zaXplJDQ1JDE1ODV4MTIwMCIsImF1ZGlvY29udGV4dCQ0NiRkYzY2YTYyOCIsInNvcnQkNjIkMTEuMzY1IiwiZnJhbWVyYXRlJDExMSQ3MA HTTP 302
• https://api-54-188-115-89.b2c.com:444/api/4?7ALfb5o8MT7YCHHJ

Request Chain 184

• https://api-52-13-18-69.b2c.com/api/x?lGOiCaVjB4Yi0nxx$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQzMDB4MjUwIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMCR0cnVlIiwiZG9Ob3RUcmFjayQwJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMCQxNiIsImxhbmd1YWdlJDAkZW4tVVMiLCJwbGF0Zm9ybSQwJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMCRHZWNrbyIsInByb2R1Y3RTdWIkMCQyMDAzMDEwNyIsInNlbmRCZWFjb24kMCQxIiwidXNlckFnZW50JDAkTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQwJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDAkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQxJG4vYSIsIndlYmdsMiQyJDAiLCJ0aW1lJDIkMTU2OTg3MTgzMTY5OSIsInRpbWV6b25lJDIkLTEyMCIsInBsdWdpbnMkMiROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQyJDQ0LjgyNzkyMyIsIm1lbS11c2VkSlNIZWFwU2l6ZSQyJDM2LjMxNTQ2NyIsIm1lbS1qc0hlYXBTaXplTGltaXQkMiQ0MzQ1LjI5ODk0NCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQyJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ1JDAuNDM1IiwiZ2xvYmFscyQ1JDFiZjlhOWZiIiwiZG9jdW1lbnQtdGltZSQ4JDAuNjIiLCJkb2N1bWVudCQ4JDhiYjcxYWQyIiwiY29ubmVjdGlvbiQ4JCIsImRvd25saW5rTWF4JDgkIiwiZ2V0VXNlck1lZGlhJDgkMiIsImNsb2NrJDEyJDQ1NzciLCJiYXR0ZXJ5JDE0JDEgMSAwIEluZmluaXR5IiwiaW50ZXJzZWN0aW9uLXNpemUkMzMkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDMzJDAuNXgwIDMwMHgwIiwiaW50ZXJzZWN0aW9uJDMzJDEwMCIsImF1ZGlvY29udGV4dCQzMyRkYzY2YTYyOCIsInNvcnQkNDckMTIuNTk1IiwiZnJhbWVyYXRlJDExMiQ4MA HTTP 302
• https://api-52-13-18-69.b2c.com:444/api/4?lGOiCaVjB4Yi0nxx

Request Chain 187

• https://api-54-200-75-89.b2c.com/api/x?Yi0TPXee3oujrqPp$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5zY21hZ2F6aW5lLmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQzMDB4MjUwIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDEkMSIsImFwcENvZGVOYW1lJDEkTW96aWxsYSIsImFwcE5hbWUkMSROZXRzY2FwZSIsImFwcFZlcnNpb24kMSQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQxNiIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMSRHZWNrbyIsInByb2R1Y3RTdWIkMSQyMDAzMDEwNyIsInNlbmRCZWFjb24kMSQxIiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQyJDEiLCJ3ZWJnbCQzJG4vYSIsIndlYmdsMiQzJDAiLCJ0aW1lJDMkMTU2OTg3MTgzMTk2MSIsInRpbWV6b25lJDMkLTEyMCIsInBsdWdpbnMkMyROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQzJDQ1LjI1MTk4OCIsIm1lbS11c2VkSlNIZWFwU2l6ZSQzJDMxLjI4NzI2OCIsIm1lbS1qc0hlYXBTaXplTGltaXQkMyQ0MzQ1LjI5ODk0NCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQzJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMyRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ3JDAuNTkiLCJnbG9iYWxzJDckMWJmOWE5ZmIiLCJkb2N1bWVudC10aW1lJDExJDAuNjQ1IiwiZG9jdW1lbnQkMTIkOGJiNzFhZDIiLCJjb25uZWN0aW9uJDEyJCIsImRvd25saW5rTWF4JDEyJCIsImdldFVzZXJNZWRpYSQxMiQyIiwiY2xvY2skMTYkNDYwNiIsImJhdHRlcnkkMTgkMSAxIDAgSW5maW5pdHkiLCJpbnRlcnNlY3Rpb24tc2l6ZSQyMCQxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkMjAkMC41eDAuMDYyNSAzMDB4MCIsImludGVyc2VjdGlvbiQyMCQxMDAiLCJhdWRpb2NvbnRleHQkMjEkZGM2NmE2MjgiLCJzb3J0JDUwJDExLjY5NSIsImZyYW1lcmF0ZSQxMTgkODA HTTP 302
• https://api-54-200-75-89.b2c.com:444/api/4?Yi0TPXee3oujrqPp

Request Chain 194

• https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1369105046&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics_refresh&ea=undefined&_u=aGjAAAADQ~&jid=737757146&gjid=41785011&cid=618309591.1569871830&tid=UA-1290429-10&_gid=2126116529.1569871836&_r=1&gtm=2wg9i1W475TQW&cd20=all&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=Normal%20(22%20segments%20found)&z=1875661093 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_gid=2126116529.1569871836&gjid=41785011&_v=j79&z=1875661093 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_v=j79&z=1875661093 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_v=j79&z=1875661093&slf_rd=1&random=3348615057

Request Chain 196

• https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1369105046&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=User%20Engagement&ea=Beacon&_u=aGjAAAADQ~&jid=123840909&gjid=315849859&cid=618309591.1569871830&tid=UA-1290429-10&_gid=1512608903.1569871845&_r=1&gtm=2wg9i1W475TQW&cd13=No&z=680207419 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_gid=1512608903.1569871845&gjid=315849859&_v=j79&z=680207419 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_v=j79&z=680207419 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_v=j79&z=680207419&slf_rd=1&random=1495072550

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.scmagazine.com/home/security-news/ransomware/ Redirect Chain https://www.scmagazine.com/home/security-news/ransomware https://www.scmagazine.com/home/security-news/ransomware/	98 KB 20 KB	191ms 191ms	Document text/html	52.23.126.90 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.23.126.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-23-126-90.compute-1.amazonaws.com Software nginx / Resource Hash 23248b72806629cd40cb92151efd810ad5231e0d0dbb5f30b10d4b0998187034 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority www.scmagazine.com :scheme https :path /home/security-news/ransomware/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 server nginx date Mon, 30 Sep 2019 19:30:29 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding Accept-Encoding,Cookie,X-WPENGINE-SEGMENT link <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/" x-cacheable SHORT cache-control max-age=600, must-revalidate x-cache HIT: 1 x-pass-why x-cache-group normal x-frame-options SAMEORIGIN content-encoding gzip Redirect headers status 301 server nginx date Mon, 30 Sep 2019 19:30:29 GMT content-type text/html; charset=UTF-8 content-length 0 location https://www.scmagazine.com/home/security-news/ransomware/ expires Mon, 30 Sep 2019 19:44:28 GMT x-redirect-by WordPress x-cacheable non200 cache-control max-age=600, must-revalidate vary X-WPENGINE-SEGMENT x-cache HIT: 2 x-pass-why x-cache-group normal x-frame-options SAMEORIGIN
GET H2	200	style.min.css 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/	29 KB 5 KB	23ms 8ms	Stylesheet text/css	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Mon, 22 Apr 2019 12:40:04 GMT server NetDNA-cache/2.2 status 200 etag W/"5cbdb624-726f" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	shared-style.min.css 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/	48 KB 7 KB	26ms 10ms	Stylesheet text/css	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/shared-style.min.css?ver=1556102413 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:13 GMT server NetDNA-cache/2.2 status 200 etag W/"5cc03d0d-c05a" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	style.min.css 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/	240 KB 32 KB	29ms 14ms	Stylesheet text/css	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1567085418 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash f1e3884dae2f0ddd32795c0c1ac83e9f9a8c7dce35dbd784bdc3c9872196bb1c Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 29 Aug 2019 13:30:18 GMT server NetDNA-cache/2.2 status 200 etag W/"5d67d36a-3bfb4" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	3 KB 578 B	19ms 17ms	Stylesheet text/css	2a00:1450:4001:806::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Mon, 30 Sep 2019 19:30:29 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Mon, 30 Sep 2019 19:30:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:29 GMT
GET H2	200	lytics.min.css 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/	39 KB 3 KB	33ms 19ms	Stylesheet text/css	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/lytics.min.css?ver=1567085418 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 6944e75951f2e7bf00121eea502e7d952a833e811e13a1f28fb077df6af721f3 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 29 Aug 2019 13:30:18 GMT server NetDNA-cache/2.2 status 200 etag W/"5d67d36a-9de9" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	825 B 420 B	19ms 17ms	Stylesheet text/css	2a00:1450:4001:806::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Bree+Serif&ver=0.1.1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 19aa6c614f72f6bb67cb17a6169ca551686c2bab5475293c95880f5f32cd830e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Mon, 30 Sep 2019 19:30:29 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Mon, 30 Sep 2019 19:30:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:29 GMT
GET H2	200	jquery.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/	95 KB 34 KB	40ms 26ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Fri, 17 May 2019 17:08:53 GMT server NetDNA-cache/2.2 status 200 etag W/"5cdeeaa5-17a69" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery-migrate.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/	10 KB 4 KB	37ms 23ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Fri, 20 May 2016 06:11:28 GMT server NetDNA-cache/2.2 status 200 etag W/"573eaa90-2748" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	cookie.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/mu-plugins/cookie-controller/js/	2 KB 1 KB	35ms 22ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/mu-plugins/cookie-controller/js/cookie.min.js?ver=1.2 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:12 GMT server NetDNA-cache/2.2 status 200 etag W/"5cc03d0c-834" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	UtilityMove-custom.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/	2 KB 1 KB	35ms 21ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:13 GMT server NetDNA-cache/2.2 status 200 etag W/"5cc03d0d-751" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	polyfill.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/js/frontend/	102 KB 35 KB	33ms 19ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/js/frontend/polyfill.min.js?ver=1556102413 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:13 GMT server NetDNA-cache/2.2 status 200 etag W/"5cc03d0d-19873" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	44 KB 14 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash e47358938ed88ccbc57820d6e6bcfe6f83f11d5bc7649a21fe9a743f02442bd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "295 / 632 of 1000 / last-modified: 1569859548" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14311 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:29 GMT
GET H2	200	head.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/	44 KB 13 KB	35ms 21ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/head.min.js?ver=1569414299 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 3463d937369067ba4b7700dd056500a6d9d28fed29addce4e3bce87a0970a348 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 25 Sep 2019 12:24:59 GMT server NetDNA-cache/2.2 status 200 etag W/"5d8b5c9b-aebf" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	SC-MAGAZINE30ANNYnotag.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/02/	43 KB 44 KB	25ms 25ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/02/SC-MAGAZINE30ANNYnotag.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 8cad642d5009d9f538c20ce327532bea1a130c019fae995d6d37da325626347d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:45:30 GMT server NetDNA-cache/2.2 etag "1dc9d1e945b5c2a7876fc969ff3ec27d" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 44360 expires Sat, 12 Oct 2019 03:48:45 GMT
GET H2	200	publickey2_693781.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/	39 KB 39 KB	6ms 4ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/publickey2_693781.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 7698bc36c07e606fc5c2bd866e8087d2839adb6cbabbeb759cf754f0e6f871f6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:31:18 GMT server NetDNA-cache/2.2 etag "96e0fe45e0a7f02e3850227c6a8409b6" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 40146 expires Fri, 25 Oct 2019 16:12:27 GMT
GET H2	200	guantanamocaptiveshospital927_939818-2.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/	10 KB 10 KB	8ms 5ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/guantanamocaptiveshospital927_939818-2.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash c719c7e08927db8d0cef4b4a194876fe2a87266edd21c4d8ee30af71a0578bb4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:22:05 GMT server NetDNA-cache/2.2 etag "bdda75d1f41f34e0e6bb16e99e8b5b81" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 10049 expires Thu, 24 Oct 2019 16:11:51 GMT
GET H2	200	educationransomwarefbtw105790_1182547-5.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/	121 KB 121 KB	8ms 6ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/educationransomwarefbtw105790_1182547-5.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 8baed99ba6bd164b0e13382da25941e798c767a71431300c12ba5328ea9a127b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:19:00 GMT server NetDNA-cache/2.2 etag "12e6adbda8a9a4fac870ca9302396469" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 123690 expires Sun, 20 Oct 2019 19:42:44 GMT
GET H2	200	87656462_567473-8-228x312.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/	11 KB 12 KB	13ms 11ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/87656462_567473-8-228x312.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash fd06e0196069f90886a7ea9dd4d9a8dccec725a585f6b628837bb8e9dbfda09f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:10:59 GMT server NetDNA-cache/2.2 etag "c75a5f99d4e953276685adb6c3d3c327" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 11762 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	Ryuk-544x306.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/01/	28 KB 28 KB	14ms 12ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/01/Ryuk-544x306.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 96c57a8e6ad23754c4f50e96f19115d1373057a1e0e1b48f7843f675ab906738 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:45:07 GMT server NetDNA-cache/2.2 etag "d6615ae6f4b9d8dab2ecba8b61942da5" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 28278 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	106 KB 30 KB	17ms 15ms	Script application/javascript	2a00:1450:4001:814::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash 43499cfd4dfc6c0ffa57d5fc723e5255db05bfcc306e9220cb07c4ee0c89ba69 Security Headers Name Value X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding br last-modified Mon, 30 Sep 2019 18:00:00 GMT server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 30194 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:29 GMT
GET H2	200	ransomware2_1308382-2-640x347.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/	42 KB 43 KB	15ms 13ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/ransomware2_1308382-2-640x347.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 6373dd3d6205ea9cdaf87cb61d30245411b2aaaf971efe1ff432e54741a4fddd Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:42:06 GMT server NetDNA-cache/2.2 etag "f48e6f870170b2db2dcf6a33f30e7f99" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 43284 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	Rockford-Files-544x306.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/09/	25 KB 26 KB	15ms 14ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/09/Rockford-Files-544x306.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 967a301d1ac6110b7592985ec4523d930f420f1845bec9ad89470f6363884c39 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT etag "607879c163123e3deffdb0b8700eda4d" last-modified Sun, 22 Sep 2019 07:11:54 GMT server NetDNA-cache/2.2 x-amz-server-side-encryption AES256 x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 25816 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	ransomscreen_1223284-640x347.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/	84 KB 84 KB	15ms 14ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/ransomscreen_1223284-640x347.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 775b77a13374329ce5097c8d46dad99a81680ddd00fe4d7a685832074cb17491 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:42:06 GMT server NetDNA-cache/2.2 etag "a2f9422ce0b34118be476410b132797d" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 86000 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	dentist-544x306.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/01/	21 KB 21 KB	16ms 14ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2019/01/dentist-544x306.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash d0f56934c216b88fa2c8e7db677645c13c498ce24f12c7ea7e087bb97b235b50 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:45:13 GMT server NetDNA-cache/2.2 etag "7a620877d141cee88afd32cd7fc5df36" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 21223 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	electionsaheadsign_1060867.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/	25 KB 26 KB	16ms 14ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/08/electionsaheadsign_1060867.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 60924fbd580a9c91cb9f82634f99160f9bae39ec1e59368f389a3690fa2e3ac3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:41:49 GMT server NetDNA-cache/2.2 etag "0a60864b0da7f5d929a66d44a3a9ce27" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 25989 expires Wed, 23 Oct 2019 07:27:20 GMT
GET H2	200	spinner.svg www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/	694 B 631 B	97ms 96ms	Image image/svg+xml	52.23.126.90 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/spinner.svg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.23.126.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-23-126-90.compute-1.amazonaws.com Software nginx / Resource Hash abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:13 GMT server nginx status 200 etag W/"5cc03d0d-2b6" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	healthcare_1134582-2-150x150.jpg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/	9 KB 10 KB	16ms 14ms	Image image/jpeg	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/uploads/sites/4/2018/07/healthcare_1134582-2-150x150.jpg Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 8c799fe2e49d0d07b7f4257c49828bbee48ba4b2deec8ac756abe2682d50e772 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT last-modified Mon, 22 Apr 2019 17:22:26 GMT server NetDNA-cache/2.2 etag "578547d3f9c20f8dc9dac8200a622a46" x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 9639 expires Wed, 30 Oct 2019 07:56:31 GMT
GET H2	200	2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js Show response content.maropost.com/uploads/1325/websites/1/	3 KB 3 KB	25ms 7ms	Script text/plain	2600:9000:2047:0:1b:fadc:b780:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://content.maropost.com/uploads/1325/websites/1/2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js?ver=1.1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2047:0:1b:fadc:b780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Sep 2019 05:32:45 GMT via 1.1 36c13eeffcddf77ad33d7874b28e6168.cloudfront.net (CloudFront) last-modified Thu, 13 Dec 2018 20:46:06 GMT server AmazonS3 age 37212 etag "33bca5680760348835deea8e5dcbdb62" x-cache Hit from cloudfront status 200 x-amz-cf-pop FRA53 accept-ranges bytes content-length 2565 x-amz-cf-id R4kP8qU0PrUjoQqXj9HkvUlWgomeDVTIh0kb1gueR9KnQW0CP5jhfA==
GET H2	200	blocks.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/	7 KB 3 KB	26ms 26ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/blocks.min.js?ver=1567085418 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 3ed3de3fd0fabc795d8b96ada205998944ff3157366f20b70d5d10b099b63120 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 29 Aug 2019 13:30:18 GMT server NetDNA-cache/2.2 status 200 etag W/"5d67d36a-1b42" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	comment_count.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/	889 B 691 B	6ms 6ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:12 GMT server NetDNA-cache/2.2 status 200 etag W/"5cc03d0c-379" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	feather-tool.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/	548 B 625 B	16ms 15ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.2 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 579a9beff0c400b8b0e87f99d32c3ec8b2b3232232d6ac63438434a0a0d7a8b7 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 19 Sep 2019 12:25:33 GMT server NetDNA-cache/2.2 status 200 etag W/"5d8373bd-224" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H/1.1	200 OK	hmi-registration-ui.manifest.js Show response s3.amazonaws.com/haymarket-reg-js/develop/production/	799 B 1 KB	379ms 108ms	Script application/javascript	52.216.94.69 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.manifest.js?ver=0.1.1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.94.69 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 4d3e9dbf75d761b4fc344b3be601971eb517ce533c7ce46e093539e03349616e Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:31 GMT Last-Modified Thu, 29 Aug 2019 20:10:10 GMT Server AmazonS3 x-amz-request-id 4CB3AD19AC4850C6 ETag "6878a8fbe72bde4a3f8ecf5b16523972" Content-Type application/javascript x-amz-version-id csLBKnYjTffo31CifRF6x383B2E_amuJ Accept-Ranges bytes Content-Length 799 x-amz-id-2 EfLAUAQMC4ctRgW2f9m4MSokCHa1zv9cb65ObjRmR7hR12OeMPVLkaqpac22x1kzgQ11QtVwVeg=
GET H/1.1	200 OK	hmi-registration-ui.vendor.js Show response s3.amazonaws.com/haymarket-reg-js/develop/production/	357 KB 357 KB	385ms 114ms	Script application/javascript	52.216.94.69 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.vendor.js?ver=0.1.1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.94.69 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 2673f6b0416b9a9f7488ee96f384f5badfa04acb14499c92ae52e394b7572f1f Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:31 GMT Last-Modified Thu, 29 Aug 2019 20:10:10 GMT Server AmazonS3 x-amz-request-id 94042A4EA815B94B ETag "dfdfd93abc9eec4ff346a12a61df7c41" Content-Type application/javascript x-amz-version-id 6ACuZZ4Fakkhaw3IL9mD952B0XZGZK4Q Accept-Ranges bytes Content-Length 365119 x-amz-id-2 XWAVTOhvhEO2I1MKn851428pbVVUpL+DEjd8ztLBY1fkf85HDtiX3VN0yxWulmmDX5OfRv84r7E=
GET H/1.1	200 OK	hmi-registration-ui.bundle.js Show response s3.amazonaws.com/haymarket-reg-js/develop/production/	1 MB 1 MB	419ms 146ms	Script application/javascript	52.216.94.69 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.bundle.js?ver=0.1.1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.94.69 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 4eef9cbbcb01ac2538e54c45514c0560e686abf17070adfba489fd1b3b86455a Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:31 GMT Last-Modified Thu, 29 Aug 2019 20:10:10 GMT Server AmazonS3 x-amz-request-id 7EF8A4B7D47A6AC6 ETag "8f47379688c3f5980d42b891fcaea0eb" Content-Type application/javascript x-amz-version-id 1g9qbXhjK6v_p1EyiVTzg_c7stFBXUFD Accept-Ranges bytes Content-Length 1225121 x-amz-id-2 Ubh9iRYEqmPYIM54KcsLsY4VOJftltLr5pAFaUKTH0IfYm8A3kKy18nbld5dKySukcS4b0c+PEQ=
GET H2	200	frontend.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/	147 KB 39 KB	9ms 9ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1568282123 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash be6beaacd90961241ca111e54c0953bc476a844a264e5afade4792a75c78c540 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 12 Sep 2019 09:55:23 GMT server NetDNA-cache/2.2 status 200 etag W/"5d7a160b-24c66" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	iab.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/	8 KB 2 KB	7ms 7ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1567085418 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 6463301e10c71f76fc14bb977dfa9097b5633ed4a3ee4119abccf2ead9aa9e29 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 29 Aug 2019 13:30:18 GMT server NetDNA-cache/2.2 status 200 etag W/"5d67d36a-1ecd" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	wp-embed.min.js Show response 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/	1 KB 1004 B	5ms 5ms	Script application/javascript	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.2.2 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Thu, 30 Aug 2018 12:40:26 GMT server NetDNA-cache/2.2 status 200 etag W/"5b87e5ba-57b" vary Accept-Encoding, Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	src.svg www.scmagazine.com/wp-content/themes/haymarket/assets/svg/	33 KB 10 KB	99ms 98ms	Other image/svg+xml	52.23.126.90 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1556102413 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.23.126.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-23-126-90.compute-1.amazonaws.com Software nginx / Resource Hash 866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811 Request headers Sec-Fetch-Mode same-origin Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:13 GMT server nginx status 200 etag W/"5cc03d0d-8317" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	16ms 16ms	Script application/javascript	2a00:1450:4001:81d::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	16ms 15ms	Script application/javascript	2a00:1450:4001:81d::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2019092602.js Show response securepubads.g.doubleclick.net/gpt/	158 KB 58 KB	13ms 13ms	Script text/javascript	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software sffe / Resource Hash 35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Sep 2019 18:43:36 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 59149 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:29 GMT
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:825::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Origin https://www.scmagazine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 24 Sep 2019 11:23:49 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 547600 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14044 x-xss-protection 0 expires Wed, 23 Sep 2020 11:23:49 GMT
GET H2	200	chevron-right-white.svg 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/	190 B 400 B	11ms 11ms	Image image/svg+xml	94.31.29.64 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/svg/src/chevron-right-white.svg Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.64 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS 94.31.29.64.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash 8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856 Request headers Sec-Fetch-Mode no-cors Referer https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1567085418 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding gzip last-modified Wed, 24 Apr 2019 10:40:13 GMT server NetDNA-cache/2.2 status 200 etag W/"5cc03d0d-be" vary Accept-Encoding x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:825::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Origin https://www.scmagazine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 24 Sep 2019 11:24:12 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:54 GMT server sffe age 547577 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14176 x-xss-protection 0 expires Wed, 23 Sep 2020 11:24:12 GMT
GET H2	200	S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 fonts.gstatic.com/s/lato/v16/	15 KB 15 KB	8ms 5ms	Font font/woff2	2a00:1450:4001:825::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1556102413 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Origin https://www.scmagazine.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 25 Aug 2019 03:27:53 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:51 GMT server sffe age 3168156 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14864 x-xss-protection 0 expires Mon, 24 Aug 2020 03:27:53 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80b::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 19 Aug 2019 17:22:41 GMT server Golfe2 age 3871 date Mon, 30 Sep 2019 18:25:58 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 17803 expires Mon, 30 Sep 2019 20:25:58 GMT
GET H2	200	7341.js Show response script.crazyegg.com/pages/scripts/0034/	88 KB 28 KB	52ms 52ms	Script application/x-javascript	2606:4700::6813:9408 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0034/7341.js?436075 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8617f3b621a7fe14ab36ef607fda9909163c458e72f24f0836fb0158a5e31f83 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT via 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront) cf-cache-status HIT age 7225 cf-polished origSize=89761 x-cache Hit from cloudfront status 200 content-encoding gzip last-modified Wed, 25 Sep 2019 17:06:18 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control private, max-age=300 x-amz-cf-pop FRA2-C2 cf-ray 51e89c993f59cbb8-VIE x-amz-cf-id bgSABxQQehjngADKxBsDyOjIDQya34o6WaHTLGcNWBLISn9j59kvLw== cf-bgj minify
GET H2	200	init-131xlxqjsfx7lh82dpc.js Show response api.b2c.com/api/	13 KB 5 KB	521ms 173ms	Script text/javascript	2600:1f14:e96:5802:b76e:7a35:805d:7afc Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.b2c.com/api/init-131xlxqjsfx7lh82dpc.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:b76e:7a35:805d:7afc Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash 763b40737890d140c3bfb80c3eaaf894bfd2f160c8ad5d7089f45866183fe513 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT content-encoding gzip server openresty content-type text/javascript status 200 cache-control no-cache, no-store, must-revalidate expires -1
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	944 B 753 B	18ms 6ms	Script application/x-javascript	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 34d46b50dff8e2640fc5a4ff05dbe0eaee6070796e21c1cef4428b64790408dc Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Content-Encoding gzip Last-Modified Mon, 30 Sep 2019 16:42:34 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=76576 Connection keep-alive Accept-Ranges bytes Content-Length 440
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	35 KB 14 KB	8ms 8ms	Script application/x-javascript	2600:9000:214f:2800:18:1fcd:349:ca21 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:2800:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software nginx / Resource Hash 99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 18:06:24 GMT content-encoding gzip last-modified Thu, 01 Aug 2019 01:56:46 GMT server nginx age 5045 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=7200 x-amz-cf-pop FRA53-C1 x-amz-cf-id ik0vXvT00-baQ__eqqDZf2m5MY98RQIR3UDBIjgiuchXQMP_tDSL9w== via 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront) expires Mon, 30 Sep 2019 20:06:24 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	6 KB 2 KB	22ms 7ms	Script application/x-javascript	143.204.207.113 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W475TQW Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.207.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-207-113.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:03:57 GMT Content-Encoding gzip Last-Modified Wed, 17 Jul 2019 18:26:10 GMT Server AmazonS3 Age 78882 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id sE4AiY0_0tvNV55yyvNH0mOmn9PUWGIDIIum6LyZ-sk_SF8pWlwR7Q==
GET H/1.1	200 OK	count.js Show response scmagazineus.disqus.com/	1 KB 1 KB	6444ms 6431ms	Script application/javascript	151.101.112.134 Fastly
General Check archive.org Show headers Download Go to Full URL https://scmagazineus.disqus.com/count.js Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx / Resource Hash 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:36 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 1911386 P3P CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM" Connection keep-alive Vary Accept-Encoding Content-Length 871 X-XSS-Protection 1; mode=block Last-Modified Wed, 04 Sep 2019 20:05:34 GMT Server nginx ETag "5d70190e-367" Strict-Transport-Security max-age=300; includeSubdomains Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=300 Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
GET H2	200	boomerang.min.js Show response cdn.feathr.co/js/	113 KB 34 KB	55ms 25ms	Script application/javascript	2606:4700:20::6819:f863 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.feathr.co/js/boomerang.min.js Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:f863 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 420716b9b6173c7187b6af8211c6f44ab80da47728d2d4b234ccb061c4b3a6a2 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT content-encoding br cf-cache-status HIT age 4945 status 200 x-amz-request-id EA6C3B20E63E978D x-amz-id-2 ftkshWAvvBlUzUoMvnwvATwQ/koP9/O2PefzZpWyGwENRWbl//XtKtyOqPH6wLVU6EKw0KPdSyY= last-modified Wed, 31 Jul 2019 20:04:48 GMT server cloudflare etag W/"b8655d0ded4aca80589aff477a37e060" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 51e89c997eabcbac-VIE expires Mon, 30 Sep 2019 23:30:30 GMT
GET H2	200	lio.js Show response c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/	45 KB 11 KB	60ms 25ms	Script application/javascript	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1568282123 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dc67bca9acac5a72cf61ad9525140db337c5ded840d6d6b710a3727d0f9e4a55 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 51e89c998d3acbb0-VIE date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google cf-cache-status HIT server cloudflare age 4514 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=7200 content-encoding br expires Mon, 30 Sep 2019 21:30:30 GMT
GET H2	200	most-widget Show response www.scmagazine.com/wp-json/haymarket/v1/	4 KB 1 KB	95ms 95ms	XHR application/json	52.23.126.90 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.scmagazine.com/wp-json/haymarket/v1/most-widget?id=most-4 Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1568282123 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.23.126.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-23-126-90.compute-1.amazonaws.com Software nginx / Resource Hash 09de024decba8117331a51ef78d8f6c770585fc7a3b431e041326c67b68eaca9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT content-encoding gzip x-content-type-options nosniff x-cacheable SHORT x-cache HIT: 2 status 200 x-cache-group normal access-control-allow-headers Authorization, Content-Type allow GET server nginx x-frame-options SAMEORIGIN vary Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie content-type application/json; charset=UTF-8 access-control-expose-headers X-WP-Total, X-WP-TotalPages cache-control max-age=600, must-revalidate x-robots-tag noindex link <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/" x-pass-why
GET H2	200	/ Show response accounts.haymarketmedia.com/sso/check/	45 B 444 B	322ms 129ms	XHR application/json	18.213.112.55 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://accounts.haymarketmedia.com/sso/check/?gn=106 Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1568282123 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.213.112.55 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-18-213-112-55.compute-1.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 916b46685de3064525220ba828d946e60ab332f5e65c62d7df5fe9877f9c54b2 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT x-aspnetmvc-version 4.0 server Microsoft-IIS/8.5 x-aspnet-version 4.0.30319 x-powered-by ASP.NET status 200 content-type application/json; charset=utf-8 access-control-allow-origin https://www.scmagazine.com cache-control private access-control-allow-credentials true content-length 45
GET H2	200	js Show response www.google-analytics.com/gtm/	58 KB 22 KB	22ms 21ms	Script application/javascript	2a00:1450:4001:80b::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-TCMLVLP&t=gtm1&cid=618309591.1569871830 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash bc6ad47b7020b6f84420d1f8a11e969dcf74d0c3fee537b93b8af56cb3276b3f Security Headers Name Value X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT content-encoding br last-modified Mon, 30 Sep 2019 18:00:00 GMT server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 22076 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:29 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	405 B 388 B	50ms 50ms	XHR text/plain	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2163849702651672&correlator=63844553471716&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062415&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2FOOP_skin&sz=1x1&ists=1&scp=pos%3DOOP_skin&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26styleid%3D%26cat%3D%26atype%3D%26isnht%3Dfalse%26browser%3DChrome%252074&cookie_enabled=1&bc=31&abxe=1&lmt=1569871829&dt=1569871829991&dlt=1569871829743&idt=187&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=3664&adk=2911844303&uci=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=56&icsg=148713308160&mso=67108864&std=0&csl=169&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x3664&msz=1585x1&ga_vid=618309591.1569871830&ga_sid=1569871830&ga_hid=1369105046&fws=4&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash d687471b3c25f202d03739dedd14fb694e793c64098bc412df169ae71f919010 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 207 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.scmagazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2019092602.js Show response securepubads.g.doubleclick.net/gpt/	63 KB 24 KB	13ms 13ms	Script text/javascript	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software sffe / Resource Hash 35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 26 Sep 2019 18:43:36 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24721 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:30 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-35/html/	0 0	6ms 5ms	Other text/html	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	7 KB 3 KB	57ms 57ms	XHR text/plain	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2163849702651672&correlator=63844553471716&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21062415&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2FOOP_prestitial&sz=1x1&ists=1&scp=pos%3DOOP_prestitial&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26styleid%3D%26cat%3D%26atype%3D%26isnht%3Dfalse%26browser%3DChrome%252074&cookie_enabled=1&bc=31&abxe=1&lmt=1569871830&dt=1569871830002&dlt=1569871829743&idt=187&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=3665&adk=2631322642&uci=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=58&icsg=148713308160&mso=67108864&std=0&csl=181&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x3665&msz=1585x1&ga_vid=618309591.1569871830&ga_sid=1569871830&ga_hid=1369105046&fws=4&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash a4c7fa561917fc6a798a65dc66b2eecf6e7c5598f3ebcc29db88617dff3981f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 3076 x-xss-protection 0 google-lineitem-id 133592065 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138288504992 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.scmagazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	15 KB 5 KB	7ms 6ms	Script application/x-javascript	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:30 GMT Content-Encoding gzip Last-Modified Mon, 23 Sep 2019 16:57:12 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=47989 Connection keep-alive Accept-Ranges bytes Content-Length 4571
GET H/1.1	200 OK	tag.aspx Show response ml314.com/	26 KB 12 KB	113ms 30ms	Script application/javascript	52.31.106.135 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?3082019 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-106-135.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Content-Encoding gzip Last-Modified Mon, 30 Sep 2019 04:24:16 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=32026 Connection keep-alive Content-Length 11933 Expires Tue, 01 Oct 2019 04:24:16 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1369105046&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_gid=1041315496.1569871830&gjid=1092042837&_v=j79&z=89721988 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_v=j79&z=89721988 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_v=j79&z=89721988&slf_rd=1&random=2218598907	42 B 109 B	32ms 31ms	Image image/gif	2a00:1450:4001:81d::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_v=j79&z=89721988&slf_rd=1&random=2218598907 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=410170382&_v=j79&z=89721988&slf_rd=1&random=2218598907 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrations Show response polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/	54 B 387 B	288ms 95ms	XHR application/json	34.195.214.237 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/integrations Requested by Host: cdn.feathr.co URL: https://cdn.feathr.co/js/boomerang.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.195.214.237 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-195-214-237.compute-1.amazonaws.com Software nginx/1.15.10 / Resource Hash 68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT server nginx/1.15.10 status 200 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods GET, POST, PUT, OPTIONS content-type application/json access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 54
GET H2	200	refresh marco.feathr.co/v1/	43 B 566 B	129ms 111ms	Image image/gif	13.32.158.63 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://marco.feathr.co/v1/refresh Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.32.158.63 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-32-158-63.fra56.r.cloudfront.net Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront) x-amz-cf-pop FRA56 x-amzn-requestid 6bb051e4-c8db-4e9d-9dd2-1e76e5ae60f6 status 200 access-control-allow-methods * content-type image/gif access-control-allow-origin * x-amzn-trace-id Root=1-5d9257d6-789f124e56e445aecd350bb0;Sampled=0 x-cache Miss from cloudfront x-amz-apigw-id A2KpeEIeoAMFaAw= content-length 43 x-amz-cf-id -3LDqUFOCXkyjMclqVJphqWRFBpQ_tIrE7FuBrUoUHaHsCRFKx00bA== access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key
GET H2	200	io.min.js Show response c.lytics.io/static/v2/	13 KB 6 KB	18ms 18ms	Script application/javascript	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://c.lytics.io/static/v2/io.min.js Requested by Host: c.lytics.io URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 51e89c99eea1cbb0-VIE date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google cf-cache-status HIT last-modified Fri, 13 Sep 2019 19:02:47 GMT server cloudflare age 2289 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=7200 content-encoding br expires Mon, 30 Sep 2019 21:30:30 GMT
GET DATA	200 OK	truncated / Frame 786A	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62531eabecc02663e16a8438c63ff2be36dfd665bd8d23a72e1a206c4bfb5860 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	77 KB 29 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash d23b76d0502f01f486b0025cdb942713385d66f4775fc86af7166da3c26313c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1569582964828766" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29086 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:30 GMT
GET H2	200	imgad tpc.googlesyndication.com/pagead/ Redirect Chain https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_T52g7RVAtAXpF_7jOzgKWfCQI-xr0TcGIiolnI8euqG4PD1F6tlq69vACwvXMmwFwQukEcmwK78EjvAxS0Pxk-x--hJMzbFtV-6bd49NvzV-BkDRXHZ4ph0k1hQe2e_NVvLzzrWia... https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDHl9LPrgEQARgBMgg9rqP-Of8uDA	295 KB 295 KB	8ms 7ms	Image image/png	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDHl9LPrgEQARgBMgg9rqP-Of8uDA Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 8477948c373e9d3cb4d2fa2166afafafa7687abe2b7f59d46bc180bfc50fa47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 26 Sep 2019 14:18:16 GMT x-content-type-options nosniff server cafe age 364334 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png status 200 cache-control public, max-age=604800 content-disposition attachment; filename="image.png" timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 302293 x-xss-protection 0 expires Thu, 03 Oct 2019 14:18:16 GMT Redirect headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:30 GMT x-content-type-options nosniff server cafe status 302 location https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDHl9LPrgEQARgBMgg9rqP-Of8uDA p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	8 Show response c.lytics.io/cid/	77 B 330 B	163ms 163ms	Script text/javascript	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://c.lytics.io/cid/8?callback=jQuery112406642944082656406_1569871829800&_=1569871829801 Requested by Host: 33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com URL: https://33kpvz33obwvvdeaa3co3hu1-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3bd25da0e9e13c9a436d4d2ff428038f7a6aca8c32d4922c24e6a50015810d95 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 51e89c9a0f74cbb0-VIE pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type text/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-encoding br access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * expires 0
GET H/1.1	200 OK	utsync.ashx Show response ml314.com/	793 B 1 KB	30ms 30ms	Script application/javascript	52.31.106.135 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=53884&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&pv=1569871830128_ttjmk6ec5&bl=en-us&cb=4939323&return=&ht=&d=&dc=&si=1569871830128_ttjmk6ec5&cid=&s=1600x1200&rp= Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?3082019 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-106-135.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash cb502b0777a41b19daba77656d6dc1619fb1c8e8d0c09b65cea4e13d0a2c9934 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:29 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 486 Expires 0
GET H/1.1	200 OK	ud.ashx Show response in.ml314.com/	20 B 698 B	459ms 178ms	Script application/javascript	35.175.13.58 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://in.ml314.com/ud.ashx?topiclimit=&cb=3082019 Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?3082019 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.175.13.58 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-35-175-13-58.compute-1.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, no-cache="set-cookie" Connection keep-alive Content-Length 138 Expires Tue, 01 Oct 2019 19:30:30 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://tags.bluekai.com/site/20486?limit=0&id=5978151503191974184&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151503191974184%26eid=50056 https://ml314.com/csync.ashx?fp=5nMIvy9999exO8J5&person_id=5978151503191974184&eid=50056	43 B 312 B	87ms 30ms	Image image/gif	52.31.106.135 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=5nMIvy9999exO8J5&person_id=5978151503191974184&eid=50056 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-106-135.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 01 Oct 2019 15:30:30 GMT Redirect headers Location https://ml314.com/csync.ashx?fp=5nMIvy9999exO8J5&person_id=5978151503191974184&eid=50056 Date Mon, 30 Sep 2019 19:30:30 GMT Connection keep-alive Content-Length 0 BK-Server fe61 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://idsync.rlcdn.com/395886.gif?partner_uid=5978151503191974184 https://ml314.com/csync.ashx?fp=&person_id=5978151503191974184&eid=50082	43 B 312 B	86ms 30ms	Image image/gif	52.31.106.135 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=&person_id=5978151503191974184&eid=50082 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-106-135.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 01 Oct 2019 15:30:30 GMT Redirect headers date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google status 307 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=&person_id=5978151503191974184&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151503191974184%26eid=50220 https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151503191974184%26eid=50220&mm_bnc&mm_bct&UUID=66ad5d92-51be-4e00-891f-3488e5f994fa https://ml314.com/csync.ashx?fp=66ad5d92-51be-4e00-891f-3488e5f994fa&person_id=5978151503191974184&eid=50220	43 B 312 B	91ms 31ms	Image image/gif	52.31.106.135 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=66ad5d92-51be-4e00-891f-3488e5f994fa&person_id=5978151503191974184&eid=50220 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-106-135.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 01 Oct 2019 15:30:30 GMT Redirect headers Date Mon, 30 Sep 2019 19:30:30 GMT Server MT3 1734 ed2a032 master zrh-pixel-x22 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://ml314.com/csync.ashx?fp=66ad5d92-51be-4e00-891f-3488e5f994fa&person_id=5978151503191974184&eid=50220 Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 0 Expires Mon, 30 Sep 2019 19:30:29 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151503191974184 https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151503191974184 https://ml314.com/csync.ashx?fp=764a5be201e42fc2b1af8cbd08da0963&eid=50146&person_id=5978151503191974184	43 B 312 B	93ms 29ms	Image image/gif	52.31.106.135 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=764a5be201e42fc2b1af8cbd08da0963&eid=50146&person_id=5978151503191974184 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-31-106-135.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:29 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 01 Oct 2019 15:30:30 GMT Redirect headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:30 GMT P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Location https://ml314.com/csync.ashx?fp=764a5be201e42fc2b1af8cbd08da0963&eid=50146&person_id=5978151503191974184 Cache-Control no-cache X-Server 10.45.2.5 Connection keep-alive Content-Length 0 Expires 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Mse_tn_ioN1wqIZ63JGkVZwyUSFp9d-b7Lu4OF8Go0g&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil https://ml314.com/csync.ashx?fp=2Mse_tn_ioN1wqIZ63JGkVZwyUSFp9d-b7Lu4OF8Go0g&person_id=5978151503191974184&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil https://ps.eyeota.net/match?bid=r8hrb20&uid=nil	70 B 171 B	174ms 174ms	Image image/gif	18.195.52.121 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=r8hrb20&uid=nil Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.195.52.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-195-52-121.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:30 GMT Content-Length 70 Content-Type image/gif Redirect headers Date Mon, 30 Sep 2019 19:30:30 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type text/html; charset=utf-8 Location https://ps.eyeota.net/match?bid=r8hrb20&uid=nil Cache-Control private Connection keep-alive Content-Length 168 Expires Tue, 01 Oct 2019 15:30:30 GMT
GET H2	200	913f502267ae03266b128b93e07ac05f api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/ Frame 15CC	0 0	136ms 117ms	Document text/html	35.227.192.113 Google LLC
General Check archive.org Show headers Download Go to Full URL https://api.lytics.io/api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/913f502267ae03266b128b93e07ac05f?segments=true&mergestate=true&ts=1569871830264 Requested by Host: c.lytics.io URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 113.192.227.35.bc.googleusercontent.com Software lytics.io afbca1b0bd5468a6f7b9c99405e0c6c063368ebf / Resource Hash Request headers :method GET :authority api.lytics.io :scheme https :path /api/me/iframe/8514ca3b54284ee6e75983f95ff7262a/_uid/913f502267ae03266b128b93e07ac05f?segments=true&mergestate=true&ts=1569871830264 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://www.scmagazine.com/home/security-news/ransomware/ accept-encoding gzip, deflate, br cookie __cfduid=da694c1cefa2c3d24229996b2d6e659c21569871830; seerid=913f502267ae03266b128b93e07ac05f Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://www.scmagazine.com/home/security-news/ransomware/ Response headers status 200 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, * access-control-allow-methods GET access-control-allow-origin content-encoding gzip content-type text/html server lytics.io afbca1b0bd5468a6f7b9c99405e0c6c063368ebf date Mon, 30 Sep 2019 19:30:30 GMT content-length 294 via 1.1 google alt-svc clear
GET H2	200	script.js Show response polo.feathr.co/v1/analytics/match/	290 B 676 B	290ms 100ms	Script text/javascript	34.195.214.237 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr Requested by Host: cdn.feathr.co URL: https://cdn.feathr.co/js/boomerang.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.195.214.237 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-195-214-237.compute-1.amazonaws.com Software nginx/1.15.10 / Resource Hash 583250257ff610d914c6df0ced82ac724ec5ad651576b5dbaebc4810731b815e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT server nginx/1.15.10 status 200 etag "5d9257d60beb22000105444b" strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods GET, POST, PUT, OPTIONS content-type text/javascript access-control-allow-origin * cache-control no-cache, max-age=0 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 290
GET H2	200	pixel.js Show response polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/	32 B 398 B	290ms 100ms	Script text/javascript	34.195.214.237 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/pixel.js?pk=feathr Requested by Host: cdn.feathr.co URL: https://cdn.feathr.co/js/boomerang.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.195.214.237 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-195-214-237.compute-1.amazonaws.com Software nginx/1.15.10 / Resource Hash eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT server nginx/1.15.10 status 200 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods GET, POST, PUT, OPTIONS content-type text/javascript access-control-allow-origin * cache-control must-revalidate, max-age=14400 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 32
GET H/1.1	200 OK	ad.gif api-54-203-139-43.b2c.com/api/	43 B 233 B	520ms 171ms	Image image/gif	2600:1f14:e96:5800:d19f:23ec:55e7:ce29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://api-54-203-139-43.b2c.com/api/ad.gif Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5800:d19f:23ec:55e7:ce29 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:30 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	pathfora.min.js Show response c.lytics.io/static/	98 KB 20 KB	28ms 19ms	Script application/javascript	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://c.lytics.io/static/pathfora.min.js Requested by Host: c.lytics.io URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 51e89c9d4ad2cbb0-VIE date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 03 Jul 2019 23:03:58 GMT server cloudflare age 1347 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=7200 content-encoding br expires Mon, 30 Sep 2019 21:30:30 GMT
GET H2	200	8514ca3b54284ee6e75983f95ff7262a c.lytics.io/c/	35 B 104 B	150ms 141ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a?publicationId=76&channel=home&pagetype=section&tags=&categories=ransomware&pagename=Kaspersky%20releases%20decryptors%20for%20FortuneCrypt%20and%20Yalon%20ransomware&author=&section=home%3Asecurity%20news%3Aransomware&_ts=1569871830578&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4adecbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	8514ca3b54284ee6e75983f95ff7262a c.lytics.io/c/	35 B 93 B	168ms 159ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a?_ts=1569871830579&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4ae0cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	179ms 170ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?gtm.start=1569871829753&event=gtm.js&gtm.uniqueEventId=12&_ts=1569871830579&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4ae1cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	169ms 160ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.AdBlocking=&_ts=1569871830579&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4ae3cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	181ms 173ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.NHTFlag=false&_ts=1569871830579&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4ae5cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	169ms 160ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.ArticleId=&_ts=1569871830580&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4ae6cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	165ms 157ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.ArticleType=&_ts=1569871830580&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4ae7cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	185ms 177ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.MetaData=&_ts=1569871830580&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4aeacbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	183ms 175ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Type=section&_ts=1569871830580&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4aebcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	149ms 141ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.ScrollDepth=&_ts=1569871830580&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4aedcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 231 B	196ms 188ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.cmeActivityId=&_ts=1569871830581&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4aefcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	169ms 161ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.PrintSource=&_ts=1569871830581&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4af2cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	168ms 161ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.SEOScore=&_ts=1569871830581&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4af5cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	168ms 161ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Site.Prefix=omn&_ts=1569871830581&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4af9cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	175ms 168ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Site.PublicationId=76&_ts=1569871830581&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4afacbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 95 B	222ms 215ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Author=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4afdcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	167ms 160ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.PremiumMonograph=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4affcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	177ms 169ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.Geolocation=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4b02cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	171ms 164ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Activity.Name=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d4b05cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	169ms 162ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.GenericEvents=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b24cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	181ms 174ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.CurrencyCode=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b28cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	168ms 161ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.OrderId=&_ts=1569871830582&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b2bcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	175ms 168ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Drug.CompanyName=&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b32cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	177ms 170ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Novo.IsPremiumMonograph=false&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b35cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	183ms 177ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.GatingType=section%3Anone&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b38cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	176ms 170ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Company=&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b3acbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	174ms 168ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Discipline=&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b3dcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	173ms 167ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Asset=&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b41cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	169ms 163ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.PublishDate=&_ts=1569871830583&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b45cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	193ms 187ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.Curation=false&_ts=1569871830584&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b4ccbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	171ms 165ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Article.WordCount=0&_ts=1569871830584&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b4ecbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	178ms 172ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?MyCME.CreditType=&_ts=1569871830584&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b51cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 101 B	190ms 184ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?MyCME.ActivityResult=&_ts=1569871830584&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b53cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 95 B	200ms 194ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.NumberofAdCalls=11&_ts=1569871830584&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b55cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	190ms 184ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?eComm.ProductsInCart=&_ts=1569871830584&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b56cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	178ms 173ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section1=home&_ts=1569871830585&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b57cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	198ms 193ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section2=home%3Asecurity%20news&_ts=1569871830585&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b5acbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 101 B	187ms 182ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section3=home%3Asecurity%20news%3Aransomware&_ts=1569871830585&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b5bcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	194ms 189ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Section4=&_ts=1569871830585&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b5dcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	188ms 183ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Tags=&_ts=1569871830585&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b5ecbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	179ms 174ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?Page.Categories=ransomware&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b5fcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	179ms 175ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.LoggedIn=false&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b61cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	193ms 188ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Login=&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b62cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	182ms 178ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SocSSN=&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b63cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 116 B	180ms 175ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SSO=0&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b64cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	187ms 182ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubscriberId=&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b66cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 95 B	191ms 187ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Source=&_ts=1569871830586&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b67cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 166 B	187ms 183ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Profession=&_ts=1569871830587&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b6bcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	190ms 186ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Specialty=&_ts=1569871830587&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b71cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 95 B	187ms 183ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubProfession=&_ts=1569871830587&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b75cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	173ms 169ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.SubSpecialty=&_ts=1569871830587&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b77cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	197ms 193ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.JobTitle=&_ts=1569871830587&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b7acbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	197ms 194ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.CampaignCodes=&_ts=1569871830587&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b7dcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 94 B	197ms 194ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Country=&_ts=1569871830588&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b7ecbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	196ms 193ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.Company=&_ts=1569871830588&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b7fcbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 93 B	175ms 172ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?User.CompanySize=&_ts=1569871830588&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b82cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	default c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/	35 B 96 B	191ms 188ms	Image image/gif	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://c.lytics.io/c/8514ca3b54284ee6e75983f95ff7262a/default?gtm.start=1569871829980&event=gtm.js&gtm.uniqueEventId=2&_ts=1569871830588&_nmob=t&_device=desktop&url=www.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&_uid=913f502267ae03266b128b93e07ac05f&_getid=t&_v=2.0.0&_ca=jstag1 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 51e89c9d5b83cbb0-VIE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Cookie, * content-length 35 expires 0
GET H2	200	pathfora.min.css c.lytics.io/static/	20 KB 3 KB	24ms 24ms	Stylesheet text/css	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://c.lytics.io/static/pathfora.min.css Requested by Host: c.lytics.io URL: https://c.lytics.io/static/pathfora.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 51e89c9d6b9dcbb0-VIE date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 03 Jul 2019 23:03:58 GMT server cloudflare age 2272 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 status 200 cache-control public, max-age=7200 content-encoding br expires Mon, 30 Sep 2019 21:30:30 GMT
GET H2	200	config.js Show response c.lytics.io/api/program/campaign/config/8514ca3b54284ee6e75983f95ff7262a/	376 B 274 B	33ms 32ms	Script application/javascript	2606:4700:20::6819:5465 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://c.lytics.io/api/program/campaign/config/8514ca3b54284ee6e75983f95ff7262a/config.js Requested by Host: c.lytics.io URL: https://c.lytics.io/api/tag/8514ca3b54284ee6e75983f95ff7262a/lio.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4967d03fb66f41ab7a7bef6265dbc532e549d91805ff654f1656bc790b6dcff2 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 51e89c9d7ba2cbb0-VIE date Mon, 30 Sep 2019 19:30:30 GMT via 1.1 google cf-cache-status HIT server cloudflare age 4512 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=7200 content-encoding br expires Mon, 30 Sep 2019 21:30:30 GMT
GET H2	200	match polo-v1.feathr.co/v1/analytics/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5d9257d60beb22000105444b&gdpr=0 https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5d9257d60beb22000105444b&gdpr=0 https://polo-v1.feathr.co/v1/analytics/match?f_id=5d9257d60beb22000105444b&ttd_id=01458514-00ba-42e8-9a01-305ef06afc23	43 B 404 B	318ms 100ms	Image image/gif	34.234.144.0 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://polo-v1.feathr.co/v1/analytics/match?f_id=5d9257d60beb22000105444b&ttd_id=01458514-00ba-42e8-9a01-305ef06afc23 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.234.144.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-234-144-0.compute-1.amazonaws.com Software nginx/1.15.10 / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT server nginx/1.15.10 status 200 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods GET, POST, PUT, OPTIONS content-type image/gif access-control-allow-origin * cache-control max-age=0,no-cache,no-store access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 43 Redirect headers pragma no-cache date Mon, 30 Sep 2019 19:30:30 GMT x-aspnet-version 4.0.30319 status 302 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://polo-v1.feathr.co/v1/analytics/match?f_id=5d9257d60beb22000105444b&ttd_id=01458514-00ba-42e8-9a01-305ef06afc23 cache-control private,no-cache, must-revalidate content-type text/html content-length 267
GET H2	200	crumb polo.feathr.co/v1/analytics/	43 B 403 B	201ms 200ms	Image image/gif	34.195.214.237 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://polo.feathr.co/v1/analytics/crumb?cb=1569871830670&a_id=5c2d2a2366bba411c7d26e37&f_id=5d9257d60beb22000105444b&ses_id=5d9257d6a48abf430696ba8a&flvr=page_view&loc_url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30= Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.195.214.237 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-195-214-237.compute-1.amazonaws.com Software nginx/1.15.10 / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:30 GMT server nginx/1.15.10 status 200 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods GET, POST, PUT, OPTIONS content-type image/gif access-control-allow-origin * cache-control max-age=0,no-cache,no-store access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 43
GET H/1.1	200 OK	4 Show response api-54-203-139-43.b2c.com/api/ Redirect Chain https://api-54-203-139-43.b2c.com/api/x?6TENPK9EGH0oT1Ww$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRl... https://api-54-203-139-43.b2c.com:444/api/4?6TENPK9EGH0oT1Ww	43 B 441 B	651ms 158ms	XHR image/gif	54.203.139.43 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-54-203-139-43.b2c.com:444/api/4?6TENPK9EGH0oT1Ww Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.203.139.43 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-203-139-43.us-west-2.compute.amazonaws.com Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:31 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin null Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 Expires -1 Redirect headers Date Mon, 30 Sep 2019 19:30:31 GMT Server openresty Location https://api-54-203-139-43.b2c.com:444/api/4?6TENPK9EGH0oT1Ww Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin https://www.scmagazine.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 142
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 6 KB	183ms 182ms	XHR text/plain	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2163849702651672&correlator=63844553471716&output=ldjh&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062415&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fleaderboard_top&sz=728x90%7C970x250&scp=pos%3Dleaderboard_top%26atype%3D%26author%3D%26browser%3DChrome%252074%26cat%3D%26comp%3D%26env%3Dlive%26isnht%3Dfalse%26pagetype%3Dpost%26postID%3D%26sid%3DRansomware%26sponsor%3D%26styleid%3D&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26styleid%3D%26cat%3D%26atype%3D%26isnht%3Dfalse%26browser%3DChrome%252074%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D68be7190594cf3b7%3AT%3D1569871830%3AS%3DALNI_MbcWZ5Y8RIyQAMVGccACEkZy8nebA&cookie_enabled=1&bc=31&abxe=1&lmt=1569871830&dt=1569871830882&dlt=1569871829743&idt=187&frm=20&biw=1585&bih=1200&oid=3&adx=193&ady=194&adk=380034999&uci=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=68&icsg=152282360709120&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x106&msz=1200x90&psts=CjUIgejZP-gBoMGMlYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUeXOpp1R0QKevcLsiikHeg&ga_vid=618309591.1569871830&ga_sid=1569871830&ga_hid=1369105046&fws=4&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash 7c0ab3d64845bf1bf3b34cbc0b24c75aa7b3ba519e760990d5ce7e9ad644d4c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5602 x-xss-protection 0 google-lineitem-id 133590745 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138289260730 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.scmagazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response px.ads.linkedin.com/collect/ Redirect Chain https://px.ads.linkedin.com/collect/?time=1569871830902&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1 https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1569871830902%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity... https://px.ads.linkedin.com/collect/?time=1569871830902&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&liSync=true	0 89 B	184ms 184ms	Script application/javascript	2620:119:50e1:105::6cae:b25 LinkedIn Corporation
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/collect/?time=1569871830902&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&liSync=true Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:119:50e1:105::6cae:b25 , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip server Play vary Accept-Encoding x-li-fabric prod-lor1 status 200 x-li-proto http/2 x-li-pop prod-esv5 content-type application/javascript content-length 20 x-li-uuid DPFyEB1OyRUQ+EgXtCoAAA== Redirect headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip x-content-type-options nosniff status 302 vary Accept-Encoding content-length 20 x-li-uuid pdVVBB1OyRWguZk7UysAAA== server Play pragma no-cache x-li-pop prod-edc2 x-frame-options sameorigin expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" strict-transport-security max-age=2592000 x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect/?time=1569871830902&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&fmt=js&s=1&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	ping ping.chartbeat.net/	43 B 168 B	94ms 94ms	Image image/gif	52.203.60.11 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=scmagazine.com&p=%2Fhome%2Fsecurity-news%2Fransomware%2F&u=DLOePgM9t_TDWx_mM&d=scmagazine.com&g=56851&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3755&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1691&t=D9PB-1Ch8ra9Bt4SACeA3R4DXlGEV&V=116&i=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&tz=-120&sn=1&sv=CBvWxxDyevxED4cljzCRjNyG-WYfc&sd=1&im=067b2fff&_ Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.60.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-203-60-11.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 pragma no-cache date Mon, 30 Sep 2019 19:30:31 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	200	view Show response securepubads.g.doubleclick.net/pcs/ Frame 7DD2	0 57 B	18ms 17ms	Fetch image/gif	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMrf0uBTOGyXn7nnsWeh1ju_3VE0Rn3N9QWstcaDOVVk_UC-YE8UeIoNViCJGTfVcnKqpafmTzFuZ0VJVxAQsxeHTi9FegkM0yTo2BRKxJ_KvWOjflWAqNyt7IcC4f-bKhNGL42loX6MKXA8id_QyfLl9N45UlVCrwoCRGoIM_oGPaBj5iG3o07zp-X1LeOTh8ou8jxwD7cC0c_9WWYhggmkueAi6rVKDtWkZ9_7eb_nKpL-Txwl76WkjGDzthmBQUr1ZoXxIrZq8E44RRX72xcgVAJSGoeODG9DNQyPeyuM6PwYM2w0nIhi0&sig=Cg0ArKJSzCWQ5ZWesa_aEAE&adurl= Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:31 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/ Frame 7DD2	2 KB 1 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/window_focus.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 26 Sep 2019 05:41:25 GMT content-encoding gzip x-content-type-options nosniff age 395346 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1044 x-xss-protection 0 server cafe etag 16885093947315342629 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 10 Oct 2019 05:41:25 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 7DD2	78 KB 29 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 40c4598498d723f4f7406649ed88cba3ae85afbbb863e97b2723174e22b2381a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1569582964828766" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29649 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:31 GMT
GET H2	200	init-140r6opg3f7b3b5fypx.js Show response api.b2c.com/api/ Frame 7DD2	12 KB 5 KB	174ms 173ms	Script text/javascript	2600:1f14:e96:5802:b76e:7a35:805d:7afc Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804943386&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138289260730&sid=Ransomware Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:b76e:7a35:805d:7afc Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash 24db1cb11883ec90dc9e945a56f7e2e3ab33bcba62b106bb491ff16984f28ffe Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip server openresty content-type text/javascript status 200 cache-control no-cache, no-store, must-revalidate expires -1
GET H2	200	15812232764764570181 tpc.googlesyndication.com/simgad/ Frame 7DD2	92 KB 92 KB	7ms 7ms	Image image/png	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15812232764764570181 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 373ae40fcc53f8fe8639381a9aca54b2bea98037ebc0d134a6d6aab1651b6118 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 10:11:04 GMT x-content-type-options nosniff age 33567 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 94119 x-xss-protection 0 last-modified Fri, 27 Sep 2019 17:14:02 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Sep 2020 10:11:04 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 6 KB	204ms 202ms	XHR text/plain	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2163849702651672&correlator=63844553471716&output=ldjh&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21062415&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fleaderboard_bottom&sz=728x90%7C970x250&scp=pos%3Dleaderboard_bottom%26atype%3D%26author%3D%26browser%3DChrome%252074%26cat%3D%26comp%3D%26env%3Dlive%26isnht%3Dfalse%26pagetype%3Dpost%26postID%3D%26sid%3DRansomware%26sponsor%3D%26styleid%3D%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26styleid%3D%26cat%3D%26atype%3D%26isnht%3Dfalse%26browser%3DChrome%252074%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D68be7190594cf3b7%3AT%3D1569871830%3AS%3DALNI_MbcWZ5Y8RIyQAMVGccACEkZy8nebA&cookie_enabled=1&bc=31&abxe=1&lmt=1569871831&dt=1569871831092&dlt=1569871829743&idt=187&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=3230&adk=4131241673&uci=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=68&icsg=609129442836480&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x3019&msz=1585x90&psts=CjUIgejZP-gBoMGMlYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUeXOpp1R0QKevcLsiikHeg%2CCjUI2d3ZP-gButG6lYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUZqQtJ1R0QLAE6x-90e0BQ&ga_vid=618309591.1569871830&ga_sid=1569871830&ga_hid=1369105046&fws=4&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash 90ee456b6e849271a47c2ce992f5f3947347a62ee141f0132600d78fe1039f36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5714 x-xss-protection 0 google-lineitem-id 133590745 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138288427296 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.scmagazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 7DD2	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c630c9082a23c509b579a3d0a4c77bfe945cc3bb1df8b529088c97b84fe53d57 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	x api-54-203-139-43.b2c.com/api/	0 388 B	171ms 171ms	Other text/plain	2600:1f14:e96:5800:d19f:23ec:55e7:ce29 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-54-203-139-43.b2c.com/api/x?6TENPK9EGH0oT1Ww$YWRibG9jayQ1NTAkMA Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5800:d19f:23ec:55e7:ce29 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:31 GMT Server openresty Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin https://www.scmagazine.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires -1
GET H/1.1	200 OK	ad.gif api-34-222-125-127.b2c.com/api/ Frame 7DD2	43 B 233 B	519ms 172ms	Image image/gif	2600:1f14:e96:5802:39ac:8432:6001:f41 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://api-34-222-125-127.b2c.com/api/ad.gif Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:39ac:8432:6001:f41 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:31 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	view Show response securepubads.g.doubleclick.net/pcs/ Frame BBBB	0 57 B	18ms 17ms	Fetch image/gif	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-GFFDgqOV4kdDEwKA_kHRrbmZ7BMMBYCbCXPUoeCvjeD6NxPNhZNuKwEjMKOvOUh-3069q06iNhAXAs3PgLHHrhXb65IJISy4XbdSGxiVSZ9Eau2FjmlZQc4rvSX7Q4goXPfi6WSPYYu_FjYEroHLR0BW9Mfx2MEVWYLaMxl_mDPq5Z63nthwO3soPZDYM7fFi9i0RXiR10NjJ6rm2QpsGBRuDybH3TeGjOP1Txa-GnuE9pc1Y84xJ1e8EXkGeycUQxnsZfR2rSYcXi5QzY15UCJBTMb8BnvsqZR9MPwI6Mq8diT5XLcT4QN8H3A&sig=Cg0ArKJSzBrDBnK2UcqVEAE&adurl= Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:31 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/ Frame BBBB	2 KB 1 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/window_focus.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 26 Sep 2019 05:41:25 GMT content-encoding gzip x-content-type-options nosniff age 395346 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1044 x-xss-protection 0 server cafe etag 16885093947315342629 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 10 Oct 2019 05:41:25 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame BBBB	78 KB 29 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 40c4598498d723f4f7406649ed88cba3ae85afbbb863e97b2723174e22b2381a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1569582964828766" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29649 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:31 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame BBBB	0 0	14ms 13ms	Image text/html	2a00:1450:4001:820::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3jYRqcTU6QvYlxAYP9xSFoMocjHs3hcya71QL9UleoJJe1XtGdGTbIRWr_WBn4ua21Z-TcmwJwT1jr6fcVtlF6NUrGA Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	init-140r6opg3f7b3b5fypx.js Show response api.b2c.com/api/ Frame BBBB	12 KB 5 KB	174ms 173ms	Script text/javascript	2600:1f14:e96:5802:b76e:7a35:805d:7afc Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804943563&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138288427296&sid=Ransomware Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:b76e:7a35:805d:7afc Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash 6e3eb7f80a8cceb518063947b099362f86014a248c7f21d977557972f04b9b94 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip server openresty content-type text/javascript status 200 cache-control no-cache, no-store, must-revalidate expires -1
GET H2	200	11988356922906471021 tpc.googlesyndication.com/simgad/ Frame BBBB	92 KB 92 KB	7ms 7ms	Image image/png	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11988356922906471021 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 1285b1ff372bfc589a282f860bf7912d70206b7b1f9906435bfc340d2293c939 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 26 Sep 2019 14:23:05 GMT x-content-type-options nosniff age 364046 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 93986 x-xss-protection 0 last-modified Tue, 24 Sep 2019 18:06:24 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 25 Sep 2020 14:23:05 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 6 KB	175ms 175ms	XHR text/plain	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2163849702651672&correlator=63844553471716&output=ldjh&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21062415&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fbox_1&sz=300x250%7C300x600%7C300x1050&scp=pos%3Dbox_1%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%2Cce_no_usa%2Call%2Csmt_new%2Cly_reporting_has_visited_web%2Cly_reporting_multi_session_visitor%2Cly_reporting_last_visit_within_day%2Cly_reporting_last_visit_within_week%2Cly_reporting_last_visit_within_month%2Cly_reporting_last_visit_within_3_months%2Cly_unknown_email%2Cly_repeat_visitor%2Cly_international_visitor%2Cly_uses_desktop%2Cce_unknown_1000plus%2Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%2Csc_module_21_073117_priority_2_817_thycotic%2Csc_module_081717_priority_3_surviving_ransomware_28%2Csc_module_090717_priority_2_surviving_ransomware_41%2Csc_module_56_092717_priority_3_threat_management_eb%2Csc_module_74_103017_priority_2_threat_management_eb%2Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%26atype%3D%26author%3D%26browser%3DChrome%252074%26cat%3D%26comp%3D%26env%3Dlive%26isnht%3Dfalse%26pagetype%3Dpost%26postID%3D%26sid%3DRansomware%26sponsor%3D%26styleid%3D%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26styleid%3D%26cat%3D%26atype%3D%26isnht%3Dfalse%26browser%3DChrome%252074%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D68be7190594cf3b7%3AT%3D1569871830%3AS%3DALNI_MbcWZ5Y8RIyQAMVGccACEkZy8nebA&cookie_enabled=1&bc=31&abxe=1&lmt=1569871831&dt=1569871831323&dlt=1569871829743&idt=187&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=300&adk=3876327918&uci=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=67&icsg=609129442836480&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=CjUIgejZP-gBoMGMlYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUeXOpp1R0QKevcLsiikHeg%2CCjUI2d3ZP-gButG6lYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUZqQtJ1R0QLAE6x-90e0BQ%2CCjUI2d3ZP-gBoOKHlYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUcuRtJ1R0QI62txTEXgAuA&ga_vid=618309591.1569871830&ga_sid=1569871830&ga_hid=1369105046&fws=4&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash 501fa7b2d9d59fd86932a576985467726ee413f65c6e12ba3d165c19550d17c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5711 x-xss-protection 0 google-lineitem-id 133590745 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138287721754 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.scmagazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame BBBB	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash da37a047859c17561035e35308df8adb90af4c1cf210f9d2e88a4af505c5479b Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	ad.gif api-54-188-115-89.b2c.com/api/ Frame BBBB	43 B 233 B	520ms 172ms	Image image/gif	2600:1f14:e96:5800:36f0:f20:9bd0:c292 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://api-54-188-115-89.b2c.com/api/ad.gif Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5800:36f0:f20:9bd0:c292 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:31 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	view Show response securepubads.g.doubleclick.net/pcs/ Frame C27B	0 57 B	21ms 20ms	Fetch image/gif	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlpoRsThuJAyqELCg5vvZxlGgRGeezQ0EHNZms6cMSNl7y-EnEyyWxbOOnbtPDoC8LI3b22bTbY1Z0DHcDp7zNFObfurpWR-8KzLZ63p-FcijQgUSHcUwbn5tjtFFMQkCjYenQsveItVITs_4vDowfin713IeIaqLaCHqhtjhbD0oN3HeOn8iufxSb_pyzv2WdgBSAA8KxH267-rtFb02XhdTiJNINJMHS_pu161kW_ZIfrl8LhJMg6pRuCcxjlODBDDwfukEBg-dHFXdf8eBU8PwlxJcOl7msmSkMz55bLQ&sig=Cg0ArKJSzE7henlio7c5EAE&adurl= Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:31 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/ Frame C27B	2 KB 1 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/window_focus.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 26 Sep 2019 05:41:25 GMT content-encoding gzip x-content-type-options nosniff age 395346 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1044 x-xss-protection 0 server cafe etag 16885093947315342629 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 10 Oct 2019 05:41:25 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame C27B	78 KB 29 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 40c4598498d723f4f7406649ed88cba3ae85afbbb863e97b2723174e22b2381a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1569582964828766" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29649 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:31 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame C27B	0 0	14ms 14ms	Image text/html	2a00:1450:4001:820::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSk4kXlY6z_Mz7qmYFpR4cSDVnMGNHpGcGh98MfrV6WPZLOCOOyCqP1xjqjywuNttz5W5jxfzEFsXc75YnOS0JhKWLwbQ Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	init-140r6opg3f7b3b5fypx.js Show response api.b2c.com/api/ Frame C27B	12 KB 5 KB	176ms 175ms	Script text/javascript	2600:1f14:e96:5802:b76e:7a35:805d:7afc Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804722027&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138287721754&sid=Ransomware Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:b76e:7a35:805d:7afc Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash 63f526c74c5d7b72c60e712845ad082b30a7b6ab87c1843a8d21351327df8429 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip server openresty content-type text/javascript status 200 cache-control no-cache, no-store, must-revalidate expires -1
GET H2	200	16807504193337430074 tpc.googlesyndication.com/simgad/ Frame C27B	65 KB 66 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16807504193337430074 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 048b3d99f13493346964554e186494a50b95b0d037d66027429c3765ceca4d92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 13 Sep 2019 15:10:22 GMT x-content-type-options nosniff age 1484409 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 67009 x-xss-protection 0 last-modified Fri, 13 Sep 2019 14:56:11 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Sep 2020 15:10:22 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	20 KB 6 KB	211ms 211ms	XHR text/plain	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2163849702651672&correlator=63844553471716&output=ldjh&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21062415&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190930&iu=%2F5745%2Fsc_us%2Fhome%2Fsecurity-news%2Fransomware%2Fbox_2&sz=300x250%7C300x600&scp=pos%3Dbox_2%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%2Cce_no_usa%2Call%2Csmt_new%2Cly_reporting_has_visited_web%2Cly_reporting_multi_session_visitor%2Cly_reporting_last_visit_within_day%2Cly_reporting_last_visit_within_week%2Cly_reporting_last_visit_within_month%2Cly_reporting_last_visit_within_3_months%2Cly_unknown_email%2Cly_repeat_visitor%2Cly_international_visitor%2Cly_uses_desktop%2Cce_unknown_1000plus%2Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%2Csc_module_21_073117_priority_2_817_thycotic%2Csc_module_081717_priority_3_surviving_ransomware_28%2Csc_module_090717_priority_2_surviving_ransomware_41%2Csc_module_56_092717_priority_3_threat_management_eb%2Csc_module_74_103017_priority_2_threat_management_eb%2Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86%26atype%3D%26author%3D%26browser%3DChrome%252074%26cat%3D%26comp%3D%26env%3Dlive%26isnht%3Dfalse%26pagetype%3Dpost%26postID%3D%26sid%3DRansomware%26sponsor%3D%26styleid%3D%26lid%3D133590745&eri=1&cust_params=pagetype%3Dpost%26sponsor%3D%26comp%3D%26author%3D%26postID%3D%26env%3Dlive%26sid%3DRansomware%26styleid%3D%26cat%3D%26atype%3D%26isnht%3Dfalse%26browser%3DChrome%252074%26LyticsSegments%3Dmodule_115_022818_priority_2_sc_paid_subscription%252Cce_no_usa%252Call%252Csmt_new%252Cly_reporting_has_visited_web%252Cly_reporting_multi_session_visitor%252Cly_reporting_last_visit_within_day%252Cly_reporting_last_visit_within_week%252Cly_reporting_last_visit_within_month%252Cly_reporting_last_visit_within_3_months%252Cly_unknown_email%252Cly_repeat_visitor%252Cly_international_visitor%252Cly_uses_desktop%252Cce_unknown_1000plus%252Csc_module_063017_priority_3_sc_reboot_17_industry_innovators%252Csc_module_21_073117_priority_2_817_thycotic%252Csc_module_081717_priority_3_surviving_ransomware_28%252Csc_module_090717_priority_2_surviving_ransomware_41%252Csc_module_56_092717_priority_3_threat_management_eb%252Csc_module_74_103017_priority_2_threat_management_eb%252Csc_module_112217_priority_3_sc_virtual_conference_siem_112217_121317_86&cookie=ID%3D68be7190594cf3b7%3AT%3D1569871830%3AS%3DALNI_MbcWZ5Y8RIyQAMVGccACEkZy8nebA&cookie_enabled=1&bc=31&abxe=1&lmt=1569871831&dt=1569871831519&dlt=1569871829743&idt=187&frm=20&biw=1585&bih=1200&oid=3&adx=1053&ady=1143&adk=3758827009&uci=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&dssz=67&icsg=609129442836480&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=CjUIgejZP-gBoMGMlYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUeXOpp1R0QKevcLsiikHeg%2CCjUI2d3ZP-gBmtrclIMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUevOpp1R0QIBSn7dRTEYoQ%2CCjUI2d3ZP-gButG6lYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUZqQtJ1R0QLAE6x-90e0BQ%2CCjUI2d3ZP-gBoOKHlYMEggIbsbmAD4Hf-iH53_oh2sXaj1GbkbSdUcuRtJ1R0QI62txTEXgAuA&ga_vid=618309591.1569871830&ga_sid=1569871830&ga_hid=1369105046&fws=4&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash 851c63f6391cbfce9623da8c6e701ca88db371648950e15bd1b76b10724e00b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5717 x-xss-protection 0 google-lineitem-id 133590745 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138289260727 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.scmagazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	4 Show response api-34-222-125-127.b2c.com/api/ Frame 7DD2 Redirect Chain https://api-34-222-125-127.b2c.com/api/x?CUWwYTWthjDJE0Eo$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczo... https://api-34-222-125-127.b2c.com:444/api/4?CUWwYTWthjDJE0Eo	43 B 441 B	657ms 161ms	XHR image/gif	34.222.125.127 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-34-222-125-127.b2c.com:444/api/4?CUWwYTWthjDJE0Eo Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.222.125.127 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-222-125-127.us-west-2.compute.amazonaws.com Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:32 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin null Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 Expires -1 Redirect headers Date Mon, 30 Sep 2019 19:30:31 GMT Server openresty Location https://api-34-222-125-127.b2c.com:444/api/4?CUWwYTWthjDJE0Eo Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin https://www.scmagazine.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 142
GET DATA	200 OK	truncated / Frame C27B	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ea34849b898d23a43221a5c3935d4aeeef05bd9ad2a7222503154b070bb9df5 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	ad.gif api-52-13-18-69.b2c.com/api/ Frame C27B	43 B 233 B	518ms 172ms	Image image/gif	2600:1f14:e96:5800:cd8d:f29c:54d0:b001 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://api-52-13-18-69.b2c.com/api/ad.gif Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5800:cd8d:f29c:54d0:b001 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:32 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	4 Show response api-54-188-115-89.b2c.com/api/ Frame BBBB Redirect Chain https://api-54-188-115-89.b2c.com/api/x?7ALfb5o8MT7YCHHJ$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczov... https://api-54-188-115-89.b2c.com:444/api/4?7ALfb5o8MT7YCHHJ	43 B 441 B	652ms 159ms	XHR image/gif	54.188.115.89 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-54-188-115-89.b2c.com:444/api/4?7ALfb5o8MT7YCHHJ Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.188.115.89 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-188-115-89.us-west-2.compute.amazonaws.com Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:32 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin null Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 Expires -1 Redirect headers Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Location https://api-54-188-115-89.b2c.com:444/api/4?7ALfb5o8MT7YCHHJ Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin https://www.scmagazine.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 142
GET H2	200	view Show response securepubads.g.doubleclick.net/pcs/ Frame 0394	0 48 B	18ms 17ms	Fetch image/gif	172.217.16.194 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbjznptDtaLqVQQq4aP43VbkA64y8F8MABXt7hwneCTokOmJG24DHgm4fypG5GSd8rLkyp13M6QVupomTH3UQ3wyWt9ePD75QY21nYZuNxLoQQidnmvq52KprEDWw2_ESfXim18LWIOHSeeioYFud5BtKXAwm1_kMyFduFqpZraFvibl7aKqoOU9vuosxdDik-pE1mQGWSrDhpb6HKzs7qS2cu9-OaTBQBP9CvNxtWt8r84K-sLlBLkli4W6Q7e1K4KMOvrgfgfaGdtTLwT2w2JBKg1uAtd4bd6C_v815pow&sig=Cg0ArKJSzFjWfNY44ckEEAE&adurl= Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 30 Sep 2019 19:30:31 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	window_focus.js Show response tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/ Frame 0394	2 KB 1 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20190925/r20110914/client/window_focus.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash d31b12baad65082a7d404da9971cc9fed871e35f29a5893f815f468f1050491f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 26 Sep 2019 05:41:25 GMT content-encoding gzip x-content-type-options nosniff age 395346 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1044 x-xss-protection 0 server cafe etag 16885093947315342629 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 10 Oct 2019 05:41:25 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 0394	78 KB 29 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 40c4598498d723f4f7406649ed88cba3ae85afbbb863e97b2723174e22b2381a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1569582964828766" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29649 x-xss-protection 0 expires Mon, 30 Sep 2019 19:30:31 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 0394	0 0	14ms 14ms	Image text/html	2a00:1450:4001:820::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSU6_inl8nkWWjiW6RzFjkoS0JcMo2lDK0bhAw9OLRHWJKu9PevQo3ufwe0yIlzTM0JpErxkc6xgOdCj4zZSJnSe45WBA Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	init-140r6opg3f7b3b5fypx.js Show response api.b2c.com/api/ Frame 0394	12 KB 5 KB	175ms 175ms	Script text/javascript	2600:1f14:e96:5802:b76e:7a35:805d:7afc Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.b2c.com/api/init-140r6opg3f7b3b5fypx.js?AdUnitID_TopLevel=71217025&AdUnitID=21804943389&AdvertiserID=29195785&OrderID=415620985&LineItemID=133590745&CreativeID=138289260727&sid=Ransomware Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:b76e:7a35:805d:7afc Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash 55bf4c919104c2b18429a23cacf6957023ad8dcab2be36a9323856046d999826 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:31 GMT content-encoding gzip server openresty content-type text/javascript status 200 cache-control no-cache, no-store, must-revalidate expires -1
GET H2	200	4390210955599906931 tpc.googlesyndication.com/simgad/ Frame 0394	96 KB 96 KB	7ms 7ms	Image image/png	2a00:1450:4001:81e::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4390210955599906931 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 5f6a2f6eba7c73d84d76595f69e3c0ef27c0fc4a528c97d803623bde78344a76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 30 Sep 2019 19:30:29 GMT x-content-type-options nosniff age 2 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 98057 x-xss-protection 0 last-modified Fri, 27 Sep 2019 17:13:59 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Sep 2020 19:30:29 GMT
GET DATA	200 OK	truncated / Frame 0394	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fd9aa4e6f2d549187f895ee018172960bf0fc97c7c188d6404e89d5951036193 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	4 Show response api-52-13-18-69.b2c.com/api/ Frame C27B Redirect Chain https://api-52-13-18-69.b2c.com/api/x?lGOiCaVjB4Yi0nxx$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3... https://api-52-13-18-69.b2c.com:444/api/4?lGOiCaVjB4Yi0nxx	43 B 441 B	668ms 164ms	XHR image/gif	52.13.18.69 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-52-13-18-69.b2c.com:444/api/4?lGOiCaVjB4Yi0nxx Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.13.18.69 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-13-18-69.us-west-2.compute.amazonaws.com Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:33 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin null Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 Expires -1 Redirect headers Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Location https://api-52-13-18-69.b2c.com:444/api/4?lGOiCaVjB4Yi0nxx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin https://www.scmagazine.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 142
GET H/1.1	200 OK	ad.gif api-54-200-75-89.b2c.com/api/ Frame 0394	43 B 233 B	519ms 172ms	Image image/gif	2600:1f14:e96:5802:36e3:af3f:9c97:3d9f Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://api-54-200-75-89.b2c.com/api/ad.gif Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:36e3:af3f:9c97:3d9f Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:32 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Connection keep-alive Content-Length 43 Content-Type image/gif
POST H/1.1	200 OK	x api-34-222-125-127.b2c.com/api/ Frame 7DD2	0 388 B	519ms 173ms	Other text/plain	2600:1f14:e96:5802:39ac:8432:6001:f41 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-34-222-125-127.b2c.com/api/x?CUWwYTWthjDJE0Eo$YWRibG9jayQ1NTMkMA Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:39ac:8432:6001:f41 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin https://www.scmagazine.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires -1
GET H/1.1	200 OK	4 Show response api-54-200-75-89.b2c.com/api/ Frame 0394 Redirect Chain https://api-54-200-75-89.b2c.com/api/x?Yi0TPXee3oujrqPp$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL... https://api-54-200-75-89.b2c.com:444/api/4?Yi0TPXee3oujrqPp	43 B 441 B	674ms 166ms	XHR image/gif	54.200.75.89 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-54-200-75-89.b2c.com:444/api/4?Yi0TPXee3oujrqPp Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.200.75.89 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-200-75-89.us-west-2.compute.amazonaws.com Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:33 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server openresty Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin null Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 Expires -1 Redirect headers Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Location https://api-54-200-75-89.b2c.com:444/api/4?Yi0TPXee3oujrqPp Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin https://www.scmagazine.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 142
POST H/1.1	200 OK	x api-54-188-115-89.b2c.com/api/ Frame BBBB	0 388 B	515ms 172ms	Other text/plain	2600:1f14:e96:5800:36f0:f20:9bd0:c292 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-54-188-115-89.b2c.com/api/x?7ALfb5o8MT7YCHHJ$YWRibG9jayQ1MzMkMA Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5800:36f0:f20:9bd0:c292 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin https://www.scmagazine.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires -1
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 7DD2	42 B 110 B	29ms 29ms	Image image/gif	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBeOqEtoBCobLFnGOJRC1CjFU30v7gxglV266Y8KK3riGCeO1Jlb28dhZ8cGDerveS9hQJJlI394ZleKeBdiHafNp7QclG2D0LkU5Ny4E&sig=Cg0ArKJSzIZipzvsPTauEAE&adk=380034999&tt=-1&bs=1585%2C1200&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&p=194,429,284,1157&mcvt=1071&rs=3&ht=0&tfs=1034&tls=2105&mc=1&lte=1&bas=0&bac=0&met=no&avms=nio&niot_obs=997&niot_cbk=1019&md=2&lm=2&rst=1569871831083&rpt=36&isd=0&msd=0&ext=mvo%3D-1%26brt%3D233&oseid=3&xdi=0&ps=1585%2C3877&ss=1600%2C1200&pt=-1&bin=1&deb=1-1-5-23-18-11-67-18-0-0-0&tvt=2098&r=v&id=osdim&vs=4&za&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=728x90&itpl=3&v=20190927 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	x api-52-13-18-69.b2c.com/api/ Frame C27B	0 388 B	516ms 173ms	Other text/plain	2600:1f14:e96:5800:cd8d:f29c:54d0:b001 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-52-13-18-69.b2c.com/api/x?lGOiCaVjB4Yi0nxx$YWRibG9jayQ1MzEkMA Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5800:cd8d:f29c:54d0:b001 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin https://www.scmagazine.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires -1
POST H/1.1	200 OK	x api-54-200-75-89.b2c.com/api/ Frame 0394	0 388 B	172ms 172ms	Other text/plain	2600:1f14:e96:5802:36e3:af3f:9c97:3d9f Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-54-200-75-89.b2c.com/api/x?Yi0TPXee3oujrqPp$YWRibG9jayQ1MzYkMA Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f14:e96:5802:36e3:af3f:9c97:3d9f Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 30 Sep 2019 19:30:32 GMT Server openresty Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin https://www.scmagazine.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires -1
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame C27B	42 B 110 B	30ms 30ms	Image image/gif	2a00:1450:4001:81e::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRCI-ZYdA5lp5CMlCe70uFf3qMv0jS_clH_d_5ImjH9j6D7ZkOdg-KrE3UUgTqQtROeeG-IMvGe7au6rKDMhk1E43ubIU5zrnR-rjN2tE&sig=Cg0ArKJSzOt_clgw8RDCEAE&adk=3876327918&tt=-1&bs=1585%2C1200&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&p=300,1053,550,1353&mcvt=1057&rs=3&ht=0&tfs=1560&tls=2617&mc=1&lte=1&bas=0&bac=0&met=no&avms=nio&niot_obs=1428&niot_cbk=1458&md=2&lm=2&rst=1569871831515&rpt=52&isd=0&msd=0&ext=mvo%3D-1%26brt%3D241&oseid=3&xdi=0&ps=1585%2C3877&ss=1600%2C1200&pt=-1&bin=1&deb=1-1-5-29-23-11-95-23-0-0-0&tvt=2611&r=v&id=osdim&vs=4&za&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=300x250&itpl=3&v=20190927 Requested by Host: www.scmagazine.com URL: https://www.scmagazine.com/home/security-news/ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	up insight.adsrvr.org/track/ Frame 7D6B	0 0	90ms 29ms	Document text/html	52.51.120.75 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&upid=e4qkh98&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.120.75 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-51-120-75.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers :method GET :authority insight.adsrvr.org :scheme https :path /track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&upid=e4qkh98&upv=1.1.0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://www.scmagazine.com/home/security-news/ransomware/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://www.scmagazine.com/home/security-news/ransomware/ Response headers status 200 date Mon, 30 Sep 2019 19:30:36 GMT content-type text/html cache-control private,no-cache, must-revalidate pragma no-cache x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1369105046&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20new... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_gid=2126116529.1569871836&gjid=41785011&_v=j79&z=1875661093 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_v=j79&z=1875661093 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_v=j79&z=1875661093&slf_rd=1&random=3348615057	42 B 109 B	33ms 33ms	Image image/gif	2a00:1450:4001:81d::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_v=j79&z=1875661093&slf_rd=1&random=3348615057 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 30 Sep 2019 19:30:36 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=737757146&_v=j79&z=1875661093&slf_rd=1&random=3348615057 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 109 B	6ms 6ms	Image image/gif	2a00:1450:4001:80b::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j79&a=1369105046&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=%2Fhome%2Fsecurity-news%2Fransomware%2F&el=25%25&ev=25&_u=aGjAAAADQ~&jid=&gjid=&cid=618309591.1569871830&tid=UA-1290429-10&_gid=2126116529.1569871836&gtm=2wg9i1W475TQW&z=1070706027 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sat, 24 Aug 2019 15:15:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 3212104 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1369105046&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2F&ul=en-us&de=UTF-8&dt=Ransomware%20new... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_gid=1512608903.1569871845&gjid=315849859&_v=j79&z=680207419 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_v=j79&z=680207419 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_v=j79&z=680207419&slf_rd=1&random=1495072550	42 B 109 B	31ms 31ms	Image image/gif	2a00:1450:4001:81d::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_v=j79&z=680207419&slf_rd=1&random=1495072550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 30 Sep 2019 19:30:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 30 Sep 2019 19:30:45 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=618309591.1569871830&jid=123840909&_v=j79&z=680207419&slf_rd=1&random=1495072550 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	imsync.ashx Show response ml314.com/	17 B 427 B	121ms 31ms	Script text/html	34.248.158.173 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://ml314.com/imsync.ashx?pi=5978151503191974184&data=eyJwaCI6MzY2NSwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNTY5ODcxODMwMTI4X3R0am1rNmVjNSIsInNkIjoxMjAwfQ%3D%3D Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?3082019 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.248.158.173 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-248-158-173.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:30:45 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/html; charset=utf-8 Cache-Control private Connection keep-alive Content-Length 135
GET H2	200	ping ping.chartbeat.net/	43 B 168 B	94ms 94ms	Image image/gif	52.203.60.11 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=scmagazine.com&p=%2Fhome%2Fsecurity-news%2Fransomware%2F&u=DLOePgM9t_TDWx_mM&d=scmagazine.com&g=56851&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=3877&o=1585&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1691&t=D9PB-1Ch8ra9Bt4SACeA3R4DXlGEV&V=116&tz=-120&sn=2&sv=CBvWxxDyevxED4cljzCRjNyG-WYfc&sd=1&im=067b2fff&_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.60.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-203-60-11.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Sec-Fetch-Mode no-cors Referer https://www.scmagazine.com/home/security-news/ransomware/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 pragma no-cache date Mon, 30 Sep 2019 19:30:46 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0